Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/weKQqMDS8AeBaKjzBm-D40yAGBE.roa
File: weKQqMDS8AeBaKjzBm-D40yAGBE.roa (raw, json)
Hash identifier: 9rSgCiZcpSpu/VcK1EiRrnndrpGuG3c3Z/F6deQFrhw=
Subject key identifier: C1:E2:90:A8:C0:D2:F0:07:81:68:A8:F3:06:6F:83:E3:4C:80:18:11
Certificate issuer: /CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Certificate serial: 019209AF2F011E737A33C98EB15F8E9E3031
Authority key identifier: 17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/weKQqMDS8AeBaKjzBm-D40yAGBE.roa
Signing time: Thu 19 Sep 2024 09:48:48 +0000
ROA not before: Thu 19 Sep 2024 09:48:48 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 141718
IP address blocks: 45.155.90.0/24 maxlen: 24
45.155.226.0/24 maxlen: 24
45.156.223.0/24 maxlen: 24
103.211.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.mft
rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 26 Nov 2024 11:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:92:09:af:2f:01:1e:73:7a:33:c9:8e:b1:5f:8e:9e:30:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17d03f298180cc109f19d4b1992c7d71c56c8dcc
Validity
Not Before: Sep 19 09:48:48 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=c1e290a8c0d2f0078168a8f3066f83e34c801811
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:27:f4:0f:78:cd:47:b9:74:8c:81:bf:30:e8:
b3:2f:4d:cd:7a:95:32:ce:a5:57:2d:9f:16:6e:1c:
d1:54:e6:07:32:49:7a:45:52:80:8a:58:e6:4d:72:
a1:b1:83:45:07:6a:58:f2:81:f4:d9:88:bd:29:a1:
21:0b:20:8e:6d:f1:cb:97:2d:6c:5f:0c:f3:b3:ea:
f3:38:fe:76:66:26:97:d0:e8:cf:e3:bd:67:dd:83:
32:8a:8c:34:44:53:3c:ed:9e:91:fa:3e:0c:06:86:
ac:0c:d3:64:f3:13:5c:05:a4:27:82:4d:f3:bf:b2:
9f:a2:dc:cb:a3:0f:7f:47:e3:2e:0d:3a:b2:e4:50:
0a:e4:a7:56:f7:04:c9:4c:51:c7:fc:c8:d2:d9:bc:
85:ca:f1:76:a2:4e:fa:cc:55:2b:48:49:8e:c0:3a:
f6:f7:fd:dc:28:d2:e7:45:e8:2e:53:a9:8d:91:a9:
88:35:ff:61:6c:ba:d5:21:16:2d:c4:56:f1:d3:1a:
ed:91:31:e7:65:d6:de:c8:b2:b7:4a:e1:5e:74:ba:
d4:9c:98:67:e4:30:d6:86:dc:8e:d4:c6:5d:09:7e:
14:54:20:2c:20:74:5e:09:c1:ec:8e:23:c7:eb:3e:
b9:04:45:94:d3:bf:a2:f7:21:3b:74:bb:ee:77:e3:
69:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:E2:90:A8:C0:D2:F0:07:81:68:A8:F3:06:6F:83:E3:4C:80:18:11
X509v3 Authority Key Identifier:
keyid:17:D0:3F:29:81:80:CC:10:9F:19:D4:B1:99:2C:7D:71:C5:6C:8D:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F9A_KYGAzBCfGdSxmSx9ccVsjcw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/weKQqMDS8AeBaKjzBm-D40yAGBE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/40/82e253-0177-4a20-befe-918ac6462679/1/F9A_KYGAzBCfGdSxmSx9ccVsjcw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.90.0/24
45.155.226.0/24
45.156.223.0/24
103.211.103.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:d5:a6:dc:e4:a0:1d:b9:f8:92:16:96:c9:00:14:fc:53:1d:
cf:dd:3c:c9:77:ad:30:63:f9:36:28:fd:75:2b:25:7f:9c:be:
cb:e6:73:bd:28:41:79:c2:f7:10:d5:73:e9:44:61:2b:82:c0:
54:77:bb:8c:c5:c6:d0:83:c0:2f:f9:e0:5d:f4:0d:42:68:0b:
7a:23:3b:94:8e:79:2d:1e:c9:63:d8:df:58:f1:f4:e5:a8:51:
d3:29:85:d2:f4:20:8d:0d:b1:f3:19:92:6c:a6:48:ae:e8:9b:
95:4f:2e:de:e6:0d:7b:e0:df:bc:1c:ac:0a:a5:3d:c0:67:cb:
9a:40:41:64:e6:ef:b8:41:82:eb:0e:e9:ab:4c:2d:17:a5:85:
eb:db:57:be:22:c6:18:f2:b0:93:04:1d:0d:aa:1b:7a:27:ad:
e9:a1:8b:db:f5:f6:01:40:31:2a:b4:dc:d4:51:f4:16:09:24:
ac:f3:cb:a2:d2:3f:b1:46:bd:64:17:b7:a0:bd:a1:b6:fa:95:
b9:28:bd:f9:a7:30:6e:e6:7b:32:9f:82:16:96:ac:8e:73:1a:
6d:9e:d9:07:af:72:df:2c:d2:b1:5d:c8:28:d3:71:f4:37:a4:
7b:64:cb:ca:75:80:c6:d4:b0:10:8d:8d:44:ab:b6:30:9c:8e:
89:3b:b7:a5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZIJry8BHnN6M8mOsV+OnjAxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZDAzZjI5ODE4MGNjMTA5ZjE5ZDRiMTk5MmM3ZDcxYzU2
YzhkY2MwHhcNMjQwOTE5MDk0ODQ4WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMWUyOTBhOGMwZDJmMDA3ODE2OGE4ZjMwNjZmODNlMzRjODAxODExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtif0D3jNR7l0jIG/MOizL03NepUy
zqVXLZ8WbhzRVOYHMkl6RVKAiljmTXKhsYNFB2pY8oH02Yi9KaEhCyCObfHLly1s
Xwzzs+rzOP52ZiaX0OjP471n3YMyiow0RFM87Z6R+j4MBoasDNNk8xNcBaQngk3z
v7KfotzLow9/R+MuDTqy5FAK5KdW9wTJTFHH/MjS2byFyvF2ok76zFUrSEmOwDr2
9/3cKNLnReguU6mNkamINf9hbLrVIRYtxFbx0xrtkTHnZdbeyLK3SuFedLrUnJhn
5DDWhtyO1MZdCX4UVCAsIHReCcHsjiPH6z65BEWU07+i9yE7dLvud+NpAQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMHikKjA0vAHgWio8wZvg+NMgBgRMB8GA1UdIwQY
MBaAFBfQPymBgMwQnxnUsZksfXHFbI3MMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUt
OTE4YWM2NDYyNjc5LzEvd2VLUXFNRFM4QWVCYUtqekJtLUQ0MHlBR0JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MC84MmUyNTMtMDE3Ny00YTIwLWJlZmUtOTE4YWM2NDYyNjc5
LzEvRjlBX0tZR0F6QkNmR2RTeG1TeDljY1ZzamN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZtaAwQA
LZviAwQALZzfAwQAZ9NnMA0GCSqGSIb3DQEBCwUAA4IBAQCe1abc5KAdufiSFpbJ
ABT8Ux3P3TzJd60wY/k2KP11KyV/nL7L5nO9KEF5wvcQ1XPpRGErgsBUd7uMxcbQ
g8Av+eBd9A1CaAt6IzuUjnktHslj2N9Y8fTlqFHTKYXS9CCNDbHzGZJspkiu6JuV
Ty7e5g174N+8HKwKpT3AZ8uaQEFk5u+4QYLrDumrTC0XpYXr21e+IsYY8rCTBB0N
qht6J63poYvb9fYBQDEqtNzUUfQWCSSs88ui0j+xRr1kF7egvaG2+pW5KL35pzBu
5nsyn4IWlqyOcxptntkHr3LfLNKxXcgo03H0N6R7ZMvKdYDG1LAQjY1Eq7YwnI6J
O7el
-----END CERTIFICATE-----
Generated at Mon Nov 25 13:51:34 2024 by rpki-client on console-fra.rpki-client.org